GnuPG for Android progress: we have an command line app!

This alpha release of our command-line developer tool brings GnuPG to Android for the first time!

GNU Privacy Guard Command-Line (gpgcli) gives you command line access to the entire GnuPG suite of encryption software. GPG is GNU’s tool for end-to-end secure communication and encrypted data storage. This trusted protocol is the free software alternative to PGP. GnuPG 2.1 is the new modularized version of GnuPG that now supports OpenPGP and S/MIME.

Setup

Before using gpgcli, be sure to launch the app and let it finish its installation process. Once it has completed, then you’re ready to use it. The easiest way to get started with gpgcli is to install Android Terminal Emulator. gpgcli will automatically configure Android Terminal Emulator as long as you have the Allow PATH extensionsFeatures

PUBLIC KEY ENCRYPTION: Full interoperable replacement of the proprietary Pretty Good Privacy (PGP) standard that uses a serial combination of hashing, data compression, symmetric-key cryptography and finally public-key cryptography; each step uses one of several supported algorithms.

CONFIRMED SECURITY: Italian Police, the FBI, and British police have been unable to crack its security and have resorted to demanding private keys. It’s been likened as “the closest you’re likely to get to military-grade encryption” by cryptographer Bruce Schneier.

HELP SYSTEM: A quick help tool is built in.

KEYSERVER SUPPORT: Integrated support for HKP and LDAP keyservers (keys.gnupg.net).

OPEN STANDARD COMPLIANT: Full OpenPGP implementation. Learn more about standards RFC2440 & RFC4880

Please Report Bugs

This is an early release of a big project, so there will inevitable be bugs. Help us improve this software by filing bug reports about any problem that you encounter. Feature requests are also welcome!

23 comments for “GnuPG for Android progress: we have an command line app!”

We are most definitely aware of APG, we’ve recommended it for a while now. 🙂 We’re also following the new fork of APG, called OpenPGP Keychain. While these are both useful, the whole GnuPG offers a lot more functionality, plus we hope GnuPG will perform better since its all written in C rather than Java.

Hello, and thanks for your awesome work.
With your awesome app and some script I can encrypt all JPG of some folder after I disconnect from my wifi at home. Unfortunately, I can’t reverse it with giving a passphrase to the gpg command, like I do with gpg package in debian.
Do you have any plans to implement that? It would be useful.
Thanks

You always need to give your passphrase when decrypting files, unless your PGP key does not have a passphrase on it. Or am I misunderstanding? GPG will cache your passphrase for a set amount of time, usually something like 5 minutes. So if you decrypt a file, then a minute later decrypt another file, you will only need to enter your passphrase the first time you decrypt, and not the second time a minute later.

Hans,
Thank you for your answer. I’ve found out the problem. Gpg of my smartphone is gpg2 and with debian gpg1. With gpg2 the –passphrase option isn’t available.
I’ve instaled the new night build android app. And I need to say, thank you very much. I’ts working like a charm.
When I left home, with tasker and gpg my personal files get encrypted. And when I shake the phone and answer the passphrase, its all decrypted. Awesome!!!
Thanks.

We have not had any funding or time to work on GnuPrivacyGuard recently. But the OpenKeychain project (http://www.openkeychain.org/) has made a lot of progress on that front. The OpenPGP API implemented in OpenKeychain is an API that we designed together, so ultimately that work will also feed into GnuPrivacyGuard as well. But for now, if you want PGP in K-9, use OpenKeychain.

Hey guys! so… does this perform better than APG and OpenKeyChain? Does this app integrates with K-9? It’s hard to believe that we’re on 2015 and still crappy mobile encryption support…. Not blaming u of course!
Cheers!

Right now, GPGA really mostly works with files, so encrypting, decrypting, signing, and verifying. The plan is to make it support the same API that OpenKeychain offers, but there isn’t any concrete timeline for that. Contributions are most welcome. The general plan is to make it an official GnuPG project.

Is there a reason this would choke on secret keys generated by GPG Keychain (Mac OS X)? I have a 4096 RSA key, dating to 2013 and set to expire in 2018, that GnuPG for Android will not import (through the GUI, anyway). It has 2 user IDs, only 1 subkey, no photo, no weird key management stuff. I copied it to the Android filesystem, and your app will import the public key from it, and has no trouble with my older 1024 DSA keys (generated with MacPGP back in Mac OS 9). When trying to import the 4096 RSA secret key, the app’s debug log has errors like “error sending to agent: Timeout”, and “error building skey array: Timeout”. At the end, it reports “Total number processed: 4”, “unchanged: 2”, “secret keys read: 3”, and some details like “poolsize=600”, etc.

I have the same problem with cm13. The terminal emulator always shows the message “Error: only position independent executables (PIE) are supported” and if ill set the extra authorization for the terminal Emulator in the gnupg app settings, it does not work.